GE Update
3362Warning Date
Severity Level
Warning Number
Target Sector
3 June, 2020
● Critical
2020-1305
Energy - Water and Utilities - Manufacturing
Description:
GE has released security update to address a vulnerability in the following product:
- Grid Solutions Reason RT Clocks
- RT430, RT431, RT434
- نسخة 08A05 firmware وما قبل
- RT430, RT431, RT434
Threats:
Attacker could exploit this vulnerability by doing the following:
- Change the password of the 'configuration' user account.
- Modify the configuration of the device.
- Send a request to a specific URL that could cause the device to become unresponsive.
- Execute arbitrary code.
Best practice and Recommendations:
The CERT team encourages users to review GE security advisory and update the affected product to version 08A05 or greater: